From 4288b993ee9df6550a367fe06ede3c003dc7bbc6 Mon Sep 17 00:00:00 2001
From: Sandro Mani <manisandro@gmail.com>
Date: Tue, 5 Dec 2023 16:35:40 -0700
Subject: [PATCH] Fix CVE-2023-39742

From: giflib-5.2.1-17.fc39.src.rpm
Fix segmentation faults due to non correct checking for args
Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-39742
Upstream: https://sourceforge.net/p/giflib/bugs/166/

Signed-off-by: Sandro Mani <manisandro@gmail.com>
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
---
 getarg.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/getarg.c b/getarg.c
index d569f6c..51fbe0b 100644
--- a/getarg.c
+++ b/getarg.c
@@ -307,6 +307,12 @@ GAGetParmeters(void *Parameters[],
     int i = 0, ScanRes;
 
     while (!(ISSPACE(CtrlStrCopy[i]))) {
+
+        if ((*argv) == argv_end) {
+            GAErrorToken = Option;
+            return CMD_ERR_NumRead;
+        }
+
         switch (CtrlStrCopy[i + 1]) {
           case 'd':    /* Get signed integers. */
               ScanRes = sscanf(*((*argv)++), "%d",
-- 
2.43.0

